For some time I have wanted to write about an Enterprise
Risk Management (EMR) Map that I came across. It is put out by a company called
MetricStream. This ERM Map is designed
to assist the compliance practitioner in either designing or reviewing a
company's Governance, Risk and Management (GRC) by providing a visual
representation of the best practices in compliance business processes.
It allows a company to either develop a gap analysis or classify gaps in its
GRC program by better understanding overall system requirements. The ERM Map
lays out these best practices in a visual format; identifying
sub-processes within the specific disciplines involved in ERM; and finally
separating such practices in Leadership, Organization, Process and Technology.
This post will focus on Leadership and Process and I will discuss these in only
some of the areas which are identified by discipline on the ERM Map.
Chief Compliance Officer
Chief Risk Officer
Chief Financial Officer
Chief Operating Officer
Chief Information Officer
I have but scratched on the surface of the information
readily available on the ERM Map. I would urge the compliance practitioner to
go to the company's website and order a complimentary copy of the map. It will
give you a very good visual road map to create or enhance a complete
company-wide GRC structure or allow you to think through any of the departments
I have discussed and several others on the ERM Map which I have not discussed.
It is a very valuable and free tool.
Visit the FCPA Compliance and Ethics Blog,
hosted by Thomas Fox, for more commentary on FCPA compliance, indemnities and
other forms of risk management for a worldwide energy practice, tax issues
faced by multi-national US companies, insurance coverage issues and protection
of trade secrets.
This publication contains general information
only and is based on the experiences and research of the author. The author is
not, by means of this publication, rendering business, legal advice, or other
professional advice or services. This publication is not a substitute for such
legal advice or services, nor should it be used as a basis for any decision or
action that may affect your business. Before making any decision or taking any
action that may affect your business, you should consult a qualified legal
advisor. The author, his affiliates, and related entities shall not be
responsible for any loss sustained by any person or entity that relies on this
publication. The Author gives his permission to link, post, distribute, or
reference this article for any lawful purpose, provided attribution is made to
the author. The author can be reached at firstname.lastname@example.org.
© Thomas R. Fox, 2011
For more information about LexisNexis
products and solutions connect with us through our corporate site.